U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Acer discloses a new data breach, 160 GB of sensitive data available for sale

Taiwanese multinational hardware and electronics corporation Acer discloses a data breach after a threat actor claimed the hack of the company. Recently a threat actor announced the availability for sale of 160 GB of data allegedly stolen from the Taiwanese multinational hardware and electronics corporation Acer. The threat actor announced the hack on a popular cybercrime forum, he claims […]

Acer data breach

Taiwanese multinational hardware and electronics corporation Acer discloses a data breach after a threat actor claimed the hack of the company.

Recently a threat actor announced the availability for sale of 160 GB of data allegedly stolen from the Taiwanese multinational hardware and electronics corporation Acer.

Acer data breach

The threat actor announced the hack on a popular cybercrime forum, he claims to have stolen about 2869 files. The stolen files include confidential product model documentation, binaries, backend infrastructure, BIOS information, and other sensitive data.

Reads the post published by the seller on Breached Forums:

The leak contains a total 160GB of 655 directories, and 2869 files. It includes:

  • Confidential slides/presentations
  • Staff manuals to various technical problems
  • Windows Imaging Format files
  • Tons of binaries (.exe, .dll, .bin, etc…)
  • Backend infrastructure
  • Confidential product model documentation and information of phones, tablets, laptops, etc…
  • Replacement Digital Product Keys (RDPK)
  • ISO files
  • Windows System Deployment Image (SDI) files
  • Tons of BIOS stuff
  • ROM files

(honestly there’s so much shit that it’ll take me days to go through the list of what was breached lol)

Acer confirmed the incident and discloses a data breach, the company said that attackers have compromised one of its servers.

“We have recently detected an incident of unauthorized access to one of our document servers for repair technicians. While our investigation is ongoing, there is currently no indication that any consumer data was stored on that server, ” Acer’s representative told Cybernews.

The seller is a reputable member of the forum, he states that only accepts payments in Monero cryptocurrency and will only sell with the escrow.

The seller added that the data was stolen in mid-February.

In October, the tech giant was hacked twice in a week, the same threat actor (Desorden) initially breached some of its servers in India, then he claimed to have also breached some systems in Taiwan.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, acer)